package com.gaoqi.blueversion.client.config;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.builders.WebSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;

//@Configuration
@EnableWebSecurity
public class BrowerSecurityConfig extends WebSecurityConfigurerAdapter {
    /**
     * 自定义配置
     */
    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http
                // 设置login路径是所有人都可以访问
                .authorizeRequests()
                .antMatchers("/user/**").hasRole("ADMIN")   // 需要相应的角色才能访问
               //.anyRequest()
                //.authenticated()
                .and()
                .formLogin() // 基于表单Form登录验证

                // 设置登陆页的路径和登陆成功访问的页面
                //.formLogin()
                //.loginPage("/html/login.html")
                //.loginProcessingUrl("/login")


                //我自己写的时候是自定义的登录页，没加这个时登陆时一直报405错误，不知道是为什么
                //.defaultSuccessUrl("/html/index.html") // 登陆成功访问的页面路径
                //.permitAll()
                //.and()

                //.loginPage("/login").failureUrl("/login-error");//自定义登录界面
                // 设置登出的路径
                //.logout()
                //.logoutUrl("/login/logout")
        ;
        // 这个是看文档加的一个防攻击，具体可以看文档
//https://springcloud.cc/spring-security-zhcn.html#jc-authentication
        http.csrf().disable();
    }

    @Override
    public void configure(WebSecurity web) throws Exception {
        //忽略静态资源
        web.ignoring().antMatchers("/js/**", "/css/**", "/img/**","/fonts/**","/index");

    }


    /**
     * 认证管理信息
     * @param auth
     * @throws Exception
     */
    @Autowired
    public void configureGlobal(AuthenticationManagerBuilder auth)throws Exception{
        auth.inMemoryAuthentication() // 认证信息存储于内存中
                .passwordEncoder(new BCryptPasswordEncoder()).withUser("zhangsan").password(new BCryptPasswordEncoder().encode("123456")).roles("ADMIN");
    }

}
